How to change conflicting GID and UID between NAS and Domain

Publication Date: 2013-06-29Views: 104Downloads: 0

Issue Description

N8500 V2R1C00SPC006.
The background:《N8500 how to manage CIFS and NFS together at same domain》.

Alarm Information

1. Without user mapping between cifs and nfs, we create two folders test_pn and testcifs via user tlp\j.bastidon in cifs share. It is very strange that the groupname avdefs is not from Open-LDAP or NT-Domain either.

2. With user mapping between cifs and nfs, we create two folders tlp_test and ttt via user tlp\j.bastindon in cifs share. Checking from the NAS support command line and Linux NFS share, the groupname is tlp which is the correct one as above picture.
But checking in the windows machine which uses CIFS share, the groupname is still avdefs.

3. We find avdefs is an internal group ,the GID is 1000.
4. We find GID of tlp in LDAP is 1090.It is strange , no conflict between avdefs and tlp.
5. We search GID 1000 in LDAP and get a group named root. And the main group of j.bastindon is root in LDAP.

Handling Process

1. Change the main group of j.bastindon to tlp in the domain.
Check in the NAS support interface, we can see the first groupname is changed to 1090.
Checking it again in the cifs share and NFS share, the folder has the same goupname.

Make sure these user is not used before change, so you should close ISM and master command line.

1)Modify GID with the command
groupmod -g newgid groupname
Check users which belong to this group with command:
If the group is the main group for this user, user command as below to refresh:
usermod -g Xmaster master
If not, use command as below to refresh:
usermod -G master,sysadmin, stoadmin, sysstoadmin master

2) Modify UID

For user master as an example
master:x:0:1005::/home/clish:/opt/VRTSnasgw/clish/bin/clish
0 is the UID,1005 is the main group ID.

Modiy the UID with the command
usermod –u uid username

Check which groups the user are belong to with command
cat /etc/group|grep master
master:!:1001:master,admin
sysadmin:!:1002:master,admin
stoadmin:!:1003:master,admin
sysstoadmin:!:1004:master,admin
Xmaster:!:1005: //This is main group.
Because the UID and group ID is changed ,so you need to refresh the groups with the commad.
usermod -g Xmaster master
usermod -G master,sysadmin, stoadmin, sysstoadmin master
The sysadmin,stoadmin and sysstoadmin is other groups, you must refresh all of them.

3) Do the same thing for user admin and read_group.

Root Cause

So we get the reason, the Linux will show the first group name, there are two groupname with same GID, the linux box will use local groupname prior.